cross-posted from: https://lemmy.pt/post/5733711

A severe vulnerability in OpenSSH, dubbed “regreSSHion” (CVE-2024-6387), has been discovered by the Qualys Threat Research Unit, potentially exposing

  • Telorand@reddthat.com
    link
    fedilink
    arrow-up
    14
    ·
    6 months ago

    They could get RasPis below 4th gen running outdated software, I guess. I think I read elsewhere that Debian already had a patch out some time ago, so that number is also likely diminishingly small.

    • d_k_bo@feddit.org
      link
      fedilink
      arrow-up
      7
      ·
      6 months ago

      I have no idea when I last updated my RasPi 0s (none of which is exposed to the public).

      • oKtosiTe@lemmy.world
        link
        fedilink
        arrow-up
        4
        ·
        6 months ago

        Most images and distros are just Raspbian at their core and as such are pretty easy to upgrade.

        I upgraded my homebridge/pihole from Bullseye to Bookworm just a few days ago and it went off without a hitch.

        • IceFoxX@lemm.ee
          link
          fedilink
          arrow-up
          3
          ·
          6 months ago

          Did the same with raspi3… It broke too many things for me and couldn’t be restarted. I then completely reinstalled it.

          • oKtosiTe@lemmy.world
            link
            fedilink
            arrow-up
            2
            ·
            6 months ago

            Aww that sucks. To be fair I did take a full image backup before attempting the upgrade in case something went awry.

            • IceFoxX@lemm.ee
              link
              fedilink
              arrow-up
              2
              ·
              6 months ago

              I also had a complete backup, but I was also considering reinstalling it at the time anyway. Accordingly, only partially restored data. But you should definitely make a backup, that’s true.